Daniel Lezcano <dlezcano@xxxxxxxxxx> writes: > AFAIU, the Eric's proposal in case a new syscall was not accepted. IMHO a new > syscall, with the man pages is better than adding an extra obscure argument to a > well known API. But if there is a reason to not add a new syscall, we can > consider Eric's approach as a good alternative I think. > > But before sending anything, I am still waiting for Vivien and Andreas answer > about this approach. If it helps them to migrate their project to the network > namespace, I will send something more formal. In my queue I have some preliminary patches. For both the syscall thing and a filesystem that will pin the namespace. I trying to get my pile down so I can actually test it. Ultimately to get the full functionality of the current linux-vrf project we need: socketat (or some variant thereof) so we can get unprivileged creation of new sockets in another network namespace. A fs to pin the network namespace and give it a name. And ultimately a privileged operation sys_enter(int type, int fd); To allow the default network namespace to be changed allowing unprivileged applications to be run in the network namespace. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers